Spam subscribers / No honeypot

  • Resolved mobilewebexpert

    (@mobilewebexpert)


    8 years, 5 months ago

    Hiya,

    We have installed MailChimp on our site and it’s working fine – except for one thing… the amount of spam subscribers we are getting through.

    I’ve looked at the code for the signup form (in the footer at http://performanceanalytics.com.au/ ) and there appears to be no honeypot – despite a honeypot being described as one of the features of MailChimp.

    Can you advise?

    Thanks,
    James

    PS – Obviously, we don’t want to use a Captcha (as that would deter people from signing up) and we don’t want to use CF7 either.

    https://wordpress.org/plugins/mailchimp-for-wp/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor Harish Chouhan

    (@hchouhan)

    8 years, 5 months ago

    Hello James,

    The honeypot field we add, is a hidden field and only automated bots fill it which we could then stop from submitting the form.
    If you are getting spam submissions in your MailChimp.com List, then I would suggest enabling the “Double Opt-in” option if you haven’t already enabled it. This will ensure only real people with valid email address are added to your List.

    trined

    (@trined)

    8 years, 4 months ago

    I have the same issue and I do have double opt-in enabled – this keeps the emails out of my mail chimp but within WP for Mailchimp (and I love your plugin by the way, I have the PRO version), in my log it shows all these emails (and there are A LOT). I would have thought the log would only show those who have double opted?

    Thread Starter mobilewebexpert

    (@mobilewebexpert)

    8 years, 4 months ago

    Harish, Thanks for your response, but I don’t think you read my message properly.

    Trined and Harish, This problem seems to have gone away since I updated the plugin from v2.x to v3.0.2 – as I can now see the honeypot field in my form.

    Harish, It doesn’t look like the best honeypot in the world – wrapping it in a div with style=”display: none;”… bots won’t need to be that smart to figure it out. How about putting the honeypot as the first input in the div.signup-form-contents container, but giving the honeypot a css class that hides it. I think this would help the reliability of the honeypot. (Your current code is inviting a spam issue – that’s if there isn’t one there already.)

    Cheers,
    James

    PS – I love the plugin too, BTW! 🙂

    Plugin Author Danny van Kooten

    (@dvankooten)

    8 years, 4 months ago

    Hi James,

    Thanks for your suggestions, appreciate you thinking along. The honeypot is actually a thing we’ve been struggling with in the past.

    We’ve tried wrapping it in an absolutely positioned element but in that case, some browsers wouldn’t get it and they would autofill the form (and the honeypot) breaking the form entirely.

    We’ve now taken the current HTML-only approach which seems to block the majority of bots, but we’re definitely willing to slowly ramp up the cleverness of the field again.

    The problem is that some browsers have their own rules about autofill and autocomplete (*cough* Chrome *cough*). If you have any input here then I’d love to hear it. 🙂

    Ps. A good no-captcha solution is to use Goodbye Captcha. Targeted bots are very hard to stop, but this plugin surely will. It comes with built-in integration for MailChimp for WordPress.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Spam subscribers / No honeypot’ is closed to new replies.